<?php

include_once('../@base/portal.php');
include_once('../login/login.php');
// include_once('functions');

$passwd = $post->passwd;
$user = $post->user;
$login = login($user->number, $user->passwd);
if ($login['status'] == 0 && $login['userbase']['level'] > 0) {
  output(doChange($user->number, $passwd));
} else {
  return ["status" => 1];
}

function doChange($number, $passwd)
{
  $sql = "UPDATE oprec_security_data SET passwd='{$passwd}' WHERE number = {$number}";
  logfile('CHG_PASSWD_SQL', $sql);
  $result = exec_sql($sql);
  if ($result) {
    return ['status' => 0];
  } else {
    return ['status' => 2];
  }
}
